[CentOS] Notes on openssh configuration
Leonard den Ottolander
leonard at den.ottolander.nlFri Jan 27 18:59:22 UTC 2017
- Previous message: [CentOS] Notes on openssh configuration
- Next message: [CentOS] Notes on openssh configuration
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hello Gordon, On Fri, 2017-01-27 at 10:26 -0800, Gordon Messmer wrote: > Cryptographers still consider MD5 secure for HMAC use. Wikipedia's > references (currently 6, 7, and 8) in this article are useful: > > https://en.wikipedia.org/wiki/Hash-based_message_authentication_code https://en.wikipedia.org/wiki/MD5 seems to disagree: "The security of the MD5 has been severely compromised, with its weaknesses having been exploited in the field, most infamously by the Flame malware in 2012. The CMU Software Engineering Institute considers MD5 essentially "cryptographically broken and unsuitable for further use"." SHA-1 is not as severely broken as MD5, so the argument that Schneier made in 2009 that SHA-1 is still suitable as a HMAC cannot necessarily be extended to MD5. Regards, Leonard. -- mount -t life -o ro /dev/dna /genetic/research
- Previous message: [CentOS] Notes on openssh configuration
- Next message: [CentOS] Notes on openssh configuration
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list